| Page(s) : 1 ... 65 66 67 68 69 70 71 72 73 74 [75] 76 77 78 79 80 81 82 83 84 85 ... | Result(s) : 324205 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.4 | 2025-06-10 | CVE-2025-2918 | cve | The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 3.3.3 ... |
| N/A | 2025-06-10 | CVE-2025-43697 | cve | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (DataMapper) allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025 |
| N/A | 2025-06-10 | CVE-2025-43698 | cve | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field level security controls for Salesforce objects. This impacts Omni... |
| N/A | 2025-06-10 | CVE-2025-43699 | cve | Client-Side Enforcement of Server-Side Security vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of required permission check. This impacts OmniStudio: before ... |
| N/A | 2025-06-10 | CVE-2025-43700 | cve | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025. |
| N/A | 2025-06-10 | CVE-2025-43701 | cve | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data. This impacts OmniStudio: before version 254. |
| 6.4 | 2025-06-10 | CVE-2025-4577 | cve | The Smash Balloon Social Post Feed – Simple Social Feeds for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-color attribute in all vers... |
| 6.4 | 2025-06-10 | CVE-2025-4774 | cve | The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-countdown attribute of Countdown widget in all versions up to, an... |
| N/A | 2025-06-10 | CVE-2025-49454 | cve | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LoftOcean TinySalt allows PHP Local File Inclu... |
| N/A | 2025-06-10 | CVE-2025-49455 | cve | Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0. |
| N/A | 2025-06-10 | CVE-2025-49507 | cve | Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection.This issue affects CozyStay: from n/a before 1.7.1. |
| N/A | 2025-06-10 | CVE-2025-49509 | cve | Missing Authorization vulnerability in Roland Beaussant Audio Editor & Recorder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Audio ... |
| N/A | 2025-06-10 | CVE-2025-49510 | cve | Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Min Max Step Quantity Limits Manager for WooCommerce allows Cross Site Request Forgery.This issue affects Min Max St... |
| N/A | 2025-06-10 | CVE-2025-49511 | cve | Cross-Site Request Forgery (CSRF) vulnerability in uxper Civi Framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through 2.1.6. |
| N/A | 2025-06-10 | VU#211341 | VU-CERT | A vulnerability in Insyde H2O UEFI application allows for digital certificate injection via NVRAM variable |
| 6.4 | 2025-06-10 | CVE-2025-3076 | cve | The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_text’ parameter in all versions up to, and including, 3.29.0 ... |
| 5.3 | 2025-06-10 | CVE-2025-5935 | cve | A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function common_register_state of the file src/mme/e... |
| N/A | 2025-06-10 | CVE-2025-5952 | cve | A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation... |
| N/A | 2025-06-10 | CVE-2025-1041 | cve | An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions inc... |
| N/A | 2025-06-10 | CVE-2025-4840 | cve | The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action avai... |
| Page(s) : 1 ... 65 66 67 68 69 70 71 72 73 74 [75] 76 77 78 79 80 81 82 83 84 85 ... | Result(s) : 324205 |
